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Amenclments to the Claims: 

I. (currently amended) A method of securely downloading and installing a patch progr^rn in a 
plurality of computing devices, each computing device having a processor, program memory and 
patch memory, said method comprising the steps of; 

traa s m i iiing Sidd patch data to fluid computing dcviccj over g nomicourc channel in an 

encrypted mann e r utilizing a first key; 
receiving tirr . i encrypted patch data at a computing doviuo and decrypting r . a i d firut encrypted 

patch data u^ i l iiiing suid first key to g e n e rate oloar patch dat at 
verifying the i ntegrity of the contcntr , of said clear patch data; and if said vof i f i cution pas&eb, 
encrypting raid cl tg ar patch data u ?^ ing a uccond koy and r > loring the reuultant ruicond 

encrypted patch data in a dat a- m e mory; 
retrieving &aid i>econd encryp t ed patch data from ^aid data memory and dcofypiing sai d 

fi e cond encrypt e d patoh data using i iaid second key to generate cl e ar patch data ; and 
loading said clear patch data into said patch memory, 

encryptinu the entire contenus of said p atch pioiiram using a shared kev to generate a fir^t 
enc rypted patch proarum, said shared kev being known to a plurality of comp aiing 
devices; 

transmitting said first encrypted patch p rotiram to a plurality of said computing devices over 

a nonsecure communications channel: 
receivina said first encry pted patch prop-am at a computini! device: 

decrypting said first encrypted patch p rogram utili/ini? said shared key m ticncrate a fir^ 
clear patch program: 

rc-cncryptinu the entire contents of said clear patch program ntilizimi a unique kev known 

on ly to and hardwired into that particular computing device and storing a resuh><pt 

second encrypted patch program in memory: 
upon subsequent reset, retrieving s aid s ec on d encrypted patch program from said mcmnry 

and deCTVDtin& said second cncryp ied p^ ^ rh pr otjam utilizing said unique key jo 

generate a second clear patch program: and 
loadinft said second clear patch nronram into said patch memory for i-.v^>r,ifin n hv siud 

computing device. 
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2. (currently amendecl) The method according lo claim 1, wherein said patch 4rHa program is 
received Irom a salellile adapted to forward said patch data transmitted Irom a central data center 

3. (currcnt)y amended) The method according to claim 1, wherein said patch data program is 
received from a terrestrial repeater station adapted to forward said patch data transmitted from a 
central datii center. 

4. (original) The method according to claim 1. wherein said nonsecure channel comprises a satellite 
downlink. 

5. (original) The method according to claim 1, wherein said nonsecure channel comprises a 
terrestrial wireless link. 

6. (original) The method according to claim 1, wherein said computing device comprises the data 
processor portion of a radio receiver adapted to receive a signal transmitted from u satellite 
downlink. 

7. (original) The method according to claim 1, wherein said computing device comprises the data 
processor portion of a radio receiver adapted to receive a signal transmitted from a terrestrial 
repeater station. 

8. (currently amended) The method according to claim 1, wherein said fifst -shared key is known to 
all computing devices in said system. 

9. (currently amended) The method according to claim 1 , wherein said ikst shared key is known to a 
portion of computing devices in said system, 

10. (currently amended) The method according to claim .1, v^hrtrrMn nnr>K jfidividugl computing 
d ^i vice comprisi e s u uniquo ^. aid Sfecond key not known to other computing device s further comp rising 
the step of verifyine the intcgritv o i the contents of said firxf clear patch pro fgram. 

11. (currently amended) The method according to claim 1, wherein said second encrypted patch date 
program is stored in random access memory (RAM) integral lo said device. 

12. (currently amended) The method according to claim 1, wherein said second encrypted patch date 
Eiogram is stored in random access memory (RAM) located in a host device in communication with 
said computing device. 
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13. (cujTcnily umencJed) The method acxording lo claim 1, wherein said second encrypted patch data 
RrjSSXaOi is stored in nonvolatile memory (NVM) integral to said computing device. 

14. (currently amended) The method according to claim 1, wherein said second encrypted patch data 
is stored in nonvolatile memory (NVM) located iri a host device in communication with said 
computing device. 

15. (currently amended) The method according to claim [[I]] 10, further comprising the step of 
deleting said pat ch information first cncrvnted patch program and said first clear patch program from 
said device in the event said verification fails. 

16. (currently amended) The method according to claim [[1J| 10, luriher comprising the step of 
deleting said patch information first encrypted patch progr am and said first clear patch p rnf>mm from 
said device and subsequently rebooting said device in tlie event said verification fails, 

17. (currently amended) The method according to claim I, wherein said shared key is hardwired 
within said computing device. 

18. (c-urrently amended) The method a^ar^atus according to claim [[IJJ 63, wherein r^uid second key 
IS hardwired within 'juid comp uting d e vice wherein said softwa re means is operative to verify the 
integriiy of the contents of said first clear patch nrop - am and if verification fails, to delete fir^^ 
encrypted patch pro gram and said first clear patch program from memorv . 

19. (currently amended) The method according to claim 1, wherein said nocond unique key is stored 
in nonvolatile memory external to said computing device. 

20. (currently amended) The method according to claim 1, wherein said fiee^md unique key is 
derived from a unique ID burnt into said computing device. 

21. (currendy amended) An apparatus for securely downloading and installing a patch date program 
in a plurality of computing devices, the entire contents of said patch date protiram encrypted at m 
(^tntr^l Ipcaqox^ using a shared key known to a p lurality of computin^r devices to ^r.np. rate a first 
encrypted patch p^Pgram which is transmitted over a nonsecure communications channel in an 
e ncrypted manner using a first key , comprising: 

patch memory ad a pt e d to fitoro said patch data , 
d abafii e mory; 
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s^'^ crypied patch data tran -^ mitted to said coniputing devicof ;^-aftd 
decrypting r.Qid - first encrypted pQte h dula iitiligiiig r^qid firrit key to gcn wrte 
cl e ur patch dai^ 

N W tfy mti - the inteiiritV of thtSHSOn l ent s nf ^niri n li MT J^'Un\^ Hnro> if vciificQtinn 

passes^ 

encryptiJis smd clcaF- patch data uaing a- se cond key and £i loring thu resultant Gecond 

encrypted patch data in a idd d at a memory; 
relrievins r, aid r . o cond encrypted p&tch dala from r, aid data mcmor)^ and d i ^crypting 

sftki-f,e c0nd encrypted patch data using said aecond kcvy lo g e nerate ckar pa teh 

data; and 

patch memory adapted to store said patch pros ram; 
data memory: 
a processor; 

software means operative on said processor for: 

repeivina said first encrypted patch prn^r ram transmitted to saiti compuiin p Hf-vi<-^^ 

and decrypting said first encryp te d patch prof y ram utilizing said shared k^.y in 

aencrate a first clear patch program: 
re-enc^YptinR the entire contents of said clear natch progra m utilizing a imif|».^ i^py 

known only to and hardwired into that particular cnm pi.fm p device and 

Storing a resuhant second encr ypted patch progra m in said mftmnry; 
upon subsequ ent reset, retriev i ng said second encrypted patch p r ogram from s^iH 

memory and decrypting s aid second encrypted patch program utilizing ^..\t\ 

unique kev to genera te a second clear patch program; nnd 
loading said second clear patph prop ram into said patch memorv lor execution hy <iA'u\ 

c omputing device. 



22. (currently amended) The apparatus according to claim 21, wherein said patch tkrta pxogram is 
received from a satellite adapted to forward said patch data transmitted from a central data center. 
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23. (currently anieaded) The apparatus according to claim 21, wherein said patch data nm^ram is 
received from a terrestrial repeater station adapted to forwtird said patch data transmitted from a 
Central data center. 

24. (original) The apparatus according to claim 21, wherein said nonsecure channel comprises a 
satellite downlink. 

25. (original) The apparatus according to claim 21, wherein said nonsecure channel comprises a 
terrestrial wireless link. 

26. (original) The apparatus according to claim 21, wherein said computing device comprises the 
data processor portion of a radio receiver adapted to receive a signal transmitted from a satellite 
downlink. 

27. (original) The apparatus according to claim 21, wherein said computing device comprises the 
data processor portion of a radio receiver adapted to receive a signal transmitted from a terrestrial 
repeater station. 

28. (currently amended) The apparatus according to claim 21, wherein said share d key is known 
to all computing devices in said system, 

29. (currently amended) The apparatus according to claim 21, wherein said fert shared key is known 
to a portion of computing devices in said system. 

3U. (currently amended) The apparatus according to claim 21, wherein ea^h individual comp u ting 
device comprised u unique r,acond kcyfl ot known to ot he r computing devices wherein said software 
means is operative to verify the inte grity of the contents of said first clear patch p rofyram 

31. (original) The apparatus according to claim 21, wherein said data memory comprises random 
access memory (RAM) integral to said computing device. 

32. (original) The apparatus according to claim 21, wherein said dat^i memory comprises random 
access memory (RAM) located in a host device in communication with said computing device. 

33. (original) The apparatus according to claim 21, wherein data memory comprises nonvolatile 
memory (N VM) integral to said device. 
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34. (original) The apparatus according lo chiim 21, wherein said data memory comprises nonvolaiile 
memory (NVM) located in a host device in communication with said computing device. 

35. (currently amended) The apparatus according lo claim |f2l]] 30, wherein said software means is 
operative to delete said p atch information first encrypted patch pro ^nim and s^ ^id tlrsi clear p atc^ 
program from said device in the event said verification fails. 

36. (currently amended) The apparatus according to claim [[21JJ 30, wherein said software means is 
operadvc to delete said patch infommti en fir>>t enci-vpt cd natch program and said fir^it clear p atch 
program from said device and subsequently reboot said computing device in the event said 
verification fails. 

37. (currently amended) The apparatus according to claim 21, wherein said ftf&t shared key is 
hardwired within said computing device. 

38. (currently amended) The apparatus according lo claim 2 J, wherein vSaid s econd unique key is 
hardwired within said computing device. 

39. (currently amended) ITic apparatus according lo claim 21, wherein said seeewd unique key is 
stored in nonvolatile memory external to said computing device. 

40. (currently amended) The apparatus according to claim 21, wherein said see€>«d unique key is 
derived from a unique ID unique among all computing devices and permanently burnt into said 
computing device, 

41 . (currently amended) A system for downloading and installing a patch program on a plurality 
of communication platforms, comprising: 

encryption means lor encrypt ing the entire contenis of said patch program usi n p, a shared kev 
Renown to .a plurality of communication platforms fft^npr atc a first encrypted p atch 
prouram: 

transmission means for transmitting said first encryption patch dttte program over a 
nonsecure cotmnuntcations link to Siiid a plurality of communicalion platforms 
wherein said pa t ch data i s transmitted encrypted utilizing u firiit key ; 

receiving means in each communications platform adapted to receive said first cncrvp tod 
patch dfttti program over said nonsecure communications link; 
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a data processor adapted to receive said first cncrj'pLed patch data pio&ram from said 
receiving moans; 

a host device adapted to communicate with said data processor; and 
said data processor comprising: 

patch memory adapted to store said patch Aita program : 

data memory; 

processing means; 

software means operative on said data processor for: 



verifying iha integrity of the contentr , of r i md - clear patch data' and if liaid 
v e rification passes, 



seco nd e ncrypted patch data in said d at a memory* 
r e trieving said -se cond enci-yptcd patch data from baid d a ta memoF y-aftd 
d e ciypting r iuid second encryp ^tg d patch data ut>ing r . aid &ucond Icgy t o 



receivinft said ftrsi encrypted oalrh program and decrvptinp, said first 
encrypted patch progra m utilizing said shared kev t o generate a first 



clear natch progratri; 
r^-^fiQVPtinfi,the entire cx)ntcn t s of said cleat p atch program miljzinp a unigiin 
key Icnown o nly tp ^pd hard wired into that pp^rtir ular coni putin^^ 
platform and storinp a resiilf;inr g»-rn nd encryp te d patch pro ^rr^im^ 
said mcn^qry; 

upon subseciue ji t reset, retrieviq^ sai d second cnoryp feH pnirh pfl-n gram From 
s^ud memory and decryptin g said second encrypted patch p r^^x^.m 
utilizing said unique kev to gen erate a second clear patch prog ram; and 

loading said second clear patch program ink) sa i d patch memory for exccuiitm 
l>v said processing means. 



1 CCw I vti 
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42. (currenlly amei>Ued) The system according lo claim 41, wherein said transmission means 
comprises means for transmitting said first encrvnted patch dsria proprani from a central data center 
via a satellite lo said plurality of conimunicalion platforms. 

43. (currently amended) The system according lo claim 41, wherein said transmission means 
comprises means tor transmitting said first encrypted patch data program from a central data center 
via a terrestrial repeater station to said plurality of communication platforms. 

44. (original) The system according lo claim 41, wherein said nonsecure link comprises a satellite 
downlink. 

45. (original) The system according lo claim 41, wherein said nonsecure link comprises a terrestrial 
wireless link. 

46. (original) The system according to claim 41, wherein said communications platform comprises a 
portable or fixed radio operative to receive, demodulate and decode a signal broadcast via satellite, 

47. (original) The System according to claim 41, wherein said communications platform comprises a 
portable or fixed radio operative to receive, demodulate and decode a .signal broadcast via a 
terrestrial repeater station. 

48. (currently amended) The system according to claim 41, wherein said ftfst shared key is known to 
all aimmunications platforms in .said system. 

49. (currently amended) The system according to claim 41, wherein said fkbt shared key is known to 
a portion of communications platforms in said system. 

50. (currently amended) The system according to claim 41, whoroin ouch individual communieulion.'; 
platform compr ises a uniqu e s e cond Itoy not known tOH^th e r communicmionii pl atfefms wherein said 
soriwarg is operative to verily the integritv of tha contents of said first clear natch prog ram. 

51. (original) The system according to claim 41, wherein said data memory comprises random 
access memory (RAM) integral to said data processor. 

52. (original) The system according to claim 41, wherein said data memory comprises random 
access memory (RAM) coupled lo said host device. 
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53- (original) The sysiem according to claim 41, wherein data memory comprises nonvolatile 
memory (NVM) inlegral to said data processor. 

54. (original) The sy.steni according to claim 41, wherein said data memory comprises nonvolatile 
memory (NVM) coupled to saitl host device. 

55. (currently amended) Tlic system according to claim [[41]] 50, wherein said software means is 
Operative to delete said patch inform airieft _rin>l_mc rvpted patch prog ram and sairl ^irkt riPiir pMtnh 
program from said communication platform in the event said verification fails. 

56. (currently amended) The ^system according to claim [f41]] 50, wherein siaid software means is 
operative to delete said pitich information first encrypted patch propram and said first clear patch 
pro-am from said communication platform and subsequently reboot said communication platform 
in the event said verification tiiils. 

57. (currently amended) The system according to claim 41, wherein said fifst shared key is 
haidwircd within said data processor. 

58. (currently amended) The system according lo claim 41, wherein said s e cond unique key is 
hiurdwired within said data processor. 

59. (currently amended) The system according to claim 41, wherein said a e cond unique key is stored 
in nonvolatile memory external to said data processor. 

60. (currently amended) The system according to claim 41, wherein said se cond unique key is 
derived from an ID unique among all communicarion platforms and permanently buml into said data 
processor. 

61. (currently amended) A method of securely downloading a patch program in a plurality of 
computing devices each having a processor, progiam memory and patch memory, said method 
comprising the steps of: 
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>at ch; and if 6Liid vcnficaiioii is sa ^ee^^^vfol^ 



encrypting ' jaid fiiT i t c i car pglch u b in^ scco n ct key, whorci i v e uch compul i ng dcv i co hu i^ a 

second key uniqu e iherelo; and 
raoring th e £iecond e ncrypted pat ^ h in u data memor y^ 

cncrvptin<; the entire, contents of said p atch protrram using a shared key lo generate a firgi 
encrVPM p^tp h profflam, said shared key beinp known to a plurality of comp uting 
devices; 

transmittinii said first encry pted patch program (o a plurality of said comp titinp; dt-mcF^ nv^r 

a nonsecure coinmunicalions channel: 
receiving said first encrypted patch program at a computing device; 

decrypting said first cncrypied patch pro g[ram utilizing said shared kev to p^c nerate a first 
cle ar patch program: 

yerifyjnfi the integrity of said first clear patch prog r am: and if said verifiration is s-uccej^j^iful^ 
re-encryptina the entire contents of sa id clear patch pro^^ram utilizing a unique k^ y known 

only to and hardwired into that particular comnutina device and storin f> a ro.<;^iHMpt 

second encrypted patch progrcim in memory. 

62, (currently amended) The method of claim 61, further comprising the steps of: 

upon subseque nt reset, retrieving said second encrypted patch program from said [[data]] 
memory; 

decrypting said second encrypted patch Program using said se cond iiniuue key to generate a 

second clear patch program : and 
loading said second clear patch program into said patch memory tor execution bv said 



63. (currently amended) An apparatus for securely downloading a patch protiram in a plurality of 
computing devices, the entire contents of said patch dtt+a program encrypted nsin^ a shared kev 
known to a plurality of computing device lo generate a first cncrvptcd patch prog ram th^n \k 
transmitted over a nonsecure communications channel in ,.t^ nnrn'ptrd mni>nri- minrr n ihrt i 



^Q^^^'^^ P^^ch memory coupled to said processor and adapted to store said a second clear 

patch pro grain : 
data memory coupled to said processor; 



processor . 




shared among said pl- ura l ity of computing devices , comprising: 



a processor; 
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soJ'lwarc means opcralive on said processor to: 

receive a first cncry i» ^ed patch m a computing - d e v i ce mid decrypt said firF.l e ncrypM 

patch ut i l iz ing f . uid firjt key to geHerale a firiit cIcQr - putch; 
verify th e int e grity of r.Qid fmi clear patch; an ^ ifsivid vorifi et Uion is H uc c-est>My 
encrypt tmid ftr»t cle a r patch u^iufi a sec ond k e y, whcre ^ti^ettet^^fttptHi^^ 



f.iore the aecond encryp t ed patch in a data memory. 

receive said first encrypte d p^tch pr ogram and decrvnt said first encrypted p ntrh 

propi;e^ti^ Utilising said .shared key to Hencratc a first clear patch pro firam- 
verily the integrit y. of sa id 11rst dear patch: and if said vcriHcation is successfu], 
re-^ncTypt the ,...cjl tirc contents of said clear patch p rogram iitilizinj; a unique key 
known only t _o_ a nd hardwired int o that particular comnutin& device and store a 
resuhani :secpftd cocrvnted patch program in said n u-mr^ 

64, (currently amended) The apparatus of claim 63, wherein said software means is further operative 
lo: 

after each subseque n t reset, retrieve said second encrypted patch protfram from said data 
memory; 

decrypt said second encrypted patch pr< ^g ran ^ using said seeeml unique key to generate a 
second clear patch; and 

load said second clear patch firogram into said patch memory for exccuticin hy ^^i/t 
processor . 
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